package com.fr.privilege.filter.core;

import com.fr.base.FRContext;
import com.fr.base.StringUtils;
import com.fr.base.core.ComparatorUtils;
import com.fr.base.core.util.TemplateUtils;
import com.fr.base.file.ConfigManager;
import com.fr.privilege.authentication.Authentication;
import com.fr.privilege.authentication.AuthenticationFactory;
import com.fr.privilege.manager.PrivilegeManager;
import com.fr.privilege.providers.AbstractAuthenticationProvider;
import com.fr.privilege.providers.AuthenticationProvider;
import com.fr.privilege.ui.CustomLogioutUI;
import com.fr.privilege.ui.LoginoutUI;
import com.fr.web.core.WebUtils;
import com.fr.web.core.service.LoginOutService;
import com.fr.web.core.service.PlatformService;
import com.fr.web.platform.exception.RedirectException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class FRSecurityDispatcher
{
  public static void dealWithRequest(HttpServletRequest paramHttpServletRequest, HttpServletResponse paramHttpServletResponse)
    throws Exception
  {
    Object localObject;
    try
    {
      dealWithSecurity(paramHttpServletRequest, paramHttpServletResponse);
    }
    catch (RedirectException localRedirectException)
    {
      throw new RedirectException();
    }
    catch (Exception localException1)
    {
      PrivilegeManager localPrivilegeManager = FRContext.getPrivilegeManager();
      localObject = localPrivilegeManager.getAuthenticationProvider();
      if (localObject == null)
        return;
      LoginoutUI localLoginoutUI = ((AuthenticationProvider)localObject).getLoginoutUI();
      if (localLoginoutUI != null)
        localLoginoutUI.redirect2LoginUI(paramHttpServletRequest, paramHttpServletResponse, localException1.getMessage());
      return;
    }
    Authentication localAuthentication = AuthenticationFactory.extractAuthentication(paramHttpServletRequest);
    if ((localAuthentication != null) && (localAuthentication.isAuthenticated()))
      try
      {
        dealWithControl(paramHttpServletRequest, paramHttpServletResponse);
      }
      catch (Exception localException2)
      {
        localObject = WebUtils.createTemplateMap(paramHttpServletRequest);
        ((Map)localObject).put("charset", FRContext.getConfigManager().getServerCharset());
        ((Map)localObject).put("title", "无权限访问");
        TemplateUtils.dealWithTemplate("/com/fr/web/platform/html/noPri.html", paramHttpServletResponse, (Map)localObject);
      }
  }

  public static void dealWithSecurity(HttpServletRequest paramHttpServletRequest, HttpServletResponse paramHttpServletResponse)
    throws Exception
  {
    String str = WebUtils.getHTTPRequestParameter(paramHttpServletRequest, "op");
    if ((str != null) && (LoginOutService.getInstance().accept(str)))
      LoginOutService.getInstance().process(paramHttpServletRequest, paramHttpServletResponse, str);
    Authentication localAuthentication = AuthenticationFactory.extractAuthentication(paramHttpServletRequest);
    if ((localAuthentication == null) || (!(localAuthentication.isAuthenticated())))
      dealWithControl(paramHttpServletRequest, paramHttpServletResponse);
  }

  public static void dealWithControl(HttpServletRequest paramHttpServletRequest, HttpServletResponse paramHttpServletResponse)
    throws Exception
  {
    String str1 = WebUtils.getHTTPRequestParameter(paramHttpServletRequest, "op");
    HttpSession localHttpSession = paramHttpServletRequest.getSession(true);
    if ((str1 != null) && (PlatformService.getInstance().accept(str1)))
    {
      localHttpSession.setAttribute("fr_from", WebUtils.getOriginalURL(paramHttpServletRequest));
      PlatformAccessDealWith.dealWithRequest(str1, paramHttpServletRequest, paramHttpServletResponse);
      return;
    }
    String str2 = WebUtils.getHTTPRequestParameter(paramHttpServletRequest, "reportlet");
    if (isLoginoutReportlet(str2))
      return;
    if (str2 != null)
    {
      localHttpSession.setAttribute("fr_from", WebUtils.getOriginalURL(paramHttpServletRequest));
      TemplateAccessDealWith.dealWithRequest(str2, paramHttpServletRequest, paramHttpServletResponse);
      return;
    }
  }

  private static boolean isLoginoutReportlet(String paramString)
  {
    if (StringUtils.isEmpty(paramString))
      return false;
    PrivilegeManager localPrivilegeManager = FRContext.getPrivilegeManager();
    AbstractAuthenticationProvider localAbstractAuthenticationProvider = (AbstractAuthenticationProvider)localPrivilegeManager.getAuthenticationProvider();
    LoginoutUI localLoginoutUI = localAbstractAuthenticationProvider.getLoginoutUI();
    if (localLoginoutUI instanceof CustomLogioutUI)
    {
      String str = StringUtils.perfectStart(((CustomLogioutUI)localLoginoutUI).getLoginPath(), "/");
      paramString = StringUtils.perfectStart(paramString, "/");
      return ComparatorUtils.equals(str, paramString);
    }
    return false;
  }
}